Cert Security Bulletin

Discussion in 'other security issues & news' started by Free@Last, Nov 10, 2004.

Thread Status:
Not open for further replies.
  1. Free@Last

    Free@Last Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    20
    RARlabs

    WinRAR 3.40 and prior
    A vulnerability exists which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the 'Repair Archive' feature.

    Update to version 3.41: http://www.rarlabs.com/download.htm

    We are not aware of any exploits for this vulnerability.
    RARlabs WinRAR 'Repair Archive' Feature Compromise Medium NGS Research, November 2, 2004


    Kerio Technologies Inc.

    Kerio Personal Firewall 4.1.2 and prior
    A vulnerability exists that could permit a remote malicious user to cause Denial of Service conditions. There is a packet processing flaw that can trigger 100% CPU utilization on the target system.

    The vendor has issued a fixed version (4.1.2), available at: http://www.kerio.com/kpf_download.html

    A Proof of Concept exploit has been published.
    Kerio Personal Firewall Remote Denial of Service Low SecurityTracker Alert ID, 1012116, November 8, 2004


    Symantec

    Norton Anti-Virus 2004, 2005
    A vulnerability was reported in Norton Anti-Virus in the script blocking feature. A remote user can create specially crafted scripting code to bypass the security mechanisms and take malicious actions on the target user's system.

    No workaround or patch available at time of publishing.

    A Proof of Concept exploit has been published.
    Symantec Norton Anti-Virus Script Blocking Bypass Medium SecurityTracker Alert ID, 1012079, November 4, 2004


    Symantec

    Symantec LiveUpdate 1.80.19.0, 2.5.56.0
    A vulnerability exists which may allow a malicious user to cause Denial of Service conditions in certain cases. Tithe LiveUpdate decompression routine does not check for uncompressed file sizes before attempting to decompress a downloaded LiveUpdate zip file and does not properly validate directory names before creating the directories on the target system.

    No workaround or patch available at time of publishing.

    A Proof of Concept exploit has been published.
    Symantec LiveUpdate Zip Decompression Routine Denial of Service Low SecurityTracker Alert ID, 1012095, November 5, 2004


    Trend Micro

    ScanMail
    A vulnerability exists that could allow a remote malicious user to obtain potentially sensitive information or disable the anti-virus protection. A remote user may be able to access the 'smency.nsf' file to disable the anti-virus protection. The remote user may also be able to access other potentially sensitive files, including smconf.nsf, smhelp.nsf, and smadmr5.nsf.

    No workaround or patch available at time of publishing.

    We are not aware of any exploits for this vulnerability.
    Trend Micro ScanMail Sensitive File Disclosure

    CVE Name:
    CAN-2004-1003
    Medium SecurityTracker Alert ID, 1012082, November 4, 2004
     
Loading...
Thread Status:
Not open for further replies.